sonata admin bundle acl-class-field and acl-object-field

Question

How can i setup ACL with class-field-scope in sonata admin bundle

Setting up the ACL with the SonataAdminBundle has been straightforward so far. Now I would like to dig a bit deeper. But I can not find any documentation regarding class-field-scope.

What I would like to do is the following:

Let's say I have a product entity. Now I want to restrict acces for ROLE_ADMIN_PRODUCT_STAFF users for the "field_XY" of that entity.

ROLE_ADMIN_PRODUCT_EDITOR should have access(VIEW, EDIT) to it though.

Anyone has got experience with this kind of requirement?!

Answer 1

You could use $this->isGranted('ROLE_ADMIN_PRODUCT_STAFF') in the configureFormFields() method to add fields depending on the role of the user that is currently logged in.

Example:

protected function configureFormFields(FormMapper $formMapper)
{
    $formMapper
        ->add('first_field')
        ->add('second_field');

    if ($this->isGranted('ROLE_ADMIN_PRODUCT_STAFF') {
        $formMapper
            ->add('field_XY');
    }
}